North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Android malware: A million people downloaded these malicious apps before they were finally removed from Google Play
November 15, 2022
Google has removed a series of apps downloaded by over a million Android users from the Google Play Store that infected smartphones with malware and bombarded devices with malicious pop-up ads. The malware has been detailed by cybersecurity researchers at Malwarebytes. The apps were still available to download for a number of days after the research ...
- Russia-based Pushwoosh tricks US Army and others into running its code – for a while
November 15, 2022
US government agencies including the Army and Centers for Disease Control and Prevention pulled apps running Pushwoosh code after learning the software company – which presents itself as American – is actually Russian, according to Reuters. Pushwoosh is a software company that provides code and data analysis for developers so they can automate custom push notifications ...
- CISA Has Added One Known Exploited Vulnerability to Catalog
November 14, 2022
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date ...
- Whoosh confirms data breach after hackers sell 7.2M user records
November 14, 2022
The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. Whoosh is Russia’s leading urban mobility service platform, operating in 40 cities with over 75,000 scooters. On Friday, a threat actor began selling the stolen data on a hacking ...
- World Cup apps pose a data security and privacy nightmare
November 11, 2022
With mandated spyware downloads to tens of thousands of surveillance cameras equipped with facial-recognition technology, the World Cup in Qatar next month is looking more like a data security and privacy nightmare than a celebration of the beautiful game. Football fans and others visiting Qatar must download two apps: Ehteraz, a Covid-19 tracker, and Hayya, which ...
- NSA to developers: Think about switching from C and C++ to a memory safe programming language
November 11, 2022
The National Security Agency (NSA) is urging developers to shift to memory safe languages – such as C#, Go, Java, Ruby, Rust, and Swift – to protect their code from remote code execution or other hacker attacks. Of the languages mentioned above, Java is the most widely used across enterprise and Android app development, while Swift ...